-
Legacy Health
August 20, 2018
•
[ phishing, healthcare ]
Legacy Health notifies 38,000 patients that a phishing attack may have breached their data. Officials discovered unauthorized access to some employee email accounts on June 21. However, the access began several weeks before in May 2018.
-
Animoto
August 20, 2018
•
[ hack, technology ]
Animoto, a cloud-based video maker service for social media sites, reveals a data breach. The breach occurred on July 10 but was confirmed by the company in early August, and later reported to the California attorney general. Names, dates of birth and user email addresses were accesed by the hackers, but the company said it wasn't known if data had been exfiltrated.
-
Superdrug
August 20, 2018
•
[ hack, retail ]
Superdrug confirms that hackers claim to have obtained the personal details of almost 20,000 individuals who shopped online at Superdrug.
-
Bossier City
August 18, 2018
•
[ hack, misconfiguration, government ]
Some Bossier City water customers may have had their information compromised due to a possible breach of an online billing payment system.
-
David Min
August 18, 2018
•
[ hack, government ]
Reuters reveals that the U.S. Federal Bureau of Investigation is investigating a cyber attack on the congressional campaign of David Min, a Democratic candidate in California.
-
Eastern Maine Community College
August 17, 2018
•
[ hack, malware, education ]
Eastern Maine Community College in Bangor warns of a possible data breach that could have exposed the personal information of current and former staff and students. School officials notify 42,000 current and former students and employees that certain computers were recently infected with malware and may have been hacked.
-
Dallas County Community College
August 17, 2018
•
[ social, phishing, education ]
Dallas County Community College discloses a breach after some employees' emails credentials are compromised by a phishing attack from September 14, 2017 to December 18, 2017.
-
TelAlaska
August 16, 2018
•
[ espionage, technology ]
A threat actor is targeting multiple organizations with trade ties to China, including those connected with China's Belt and Road Initiative. The actor also targets organizations in advance of officials' meetings with Chinese trade officials.
-
Augusta University Health
August 16, 2018
•
[ social, phishing, healthcare ]
Augusta University Health discloses a breach affecting 417,000 patients as a consequence of two phishing attacks occurred on September 11, 2017 and July 31, 2018.
-
SpyFone
August 16, 2018
•
[ leak, misconfiguration, technology ]
In August 2018, the spyware company SpyFone left terabytes of data publicly exposed. Collected surreptitiously whilst the targets were using their devices, the data included photos, audio recordings, text messages and browsing history which were then exposed via a number of misconfigurations within SpyFone's systems. The data belonged the thousands of SpyFone customers and included 44k unique email addresses, many likely belonging to people the targeted phones had contact with.
-
Hans Keirstead
August 15, 2018
•
[ hack, cyberattack, government ]
Rolling Stone reveals that the U.S. Federal Bureau of Investigation is investigating a series of cyberattacks over the past year that targeted Dr. Hans Keirstead, a Democratic candidate in California.
-
Michael Terpin
August 15, 2018
Michael Terpin, a bitcoin investor is suing AT&T for $240m after it allegedly ported his phone number to a hacker, allowing the criminal to steal $24m in cryptocurrency.
-
Cosmos Bank
August 11, 2018
•
[ hack, malware, finance ]
Cyber criminals hack the systems of India's Cosmos Bank and siphon off nearly 944 million rupees ($13.5 million) through simultaneous withdrawals across 28 countries. Unidentified hackers stole customer information through a malware attack on its ATM server.
-
Adams County
August 10, 2018
Adams County officials release a media statement and a detailed notification regarding a security breach affecting 258,120 individuals in the Adams County. The investigations revealed that the breach, due to an unauthorized access, lasted for around six years.
-
Butlin's
August 10, 2018
Butlin's has confirmed that the records of up to 34,000 guests have been accessed by hackers. The stolen data does not include payment details, but customers' names, holiday dates, postal and email addresses and telephone numbers.
-
Hennepin County
August 9, 2018
Officials reveal that cyber attackers have infiltrated e-mail accounts for about 20 Hennepin County employees since late June, and may have accessed the private information of people who rely on the county's services.
-
PGA of America
August 7, 2018
•
[ ransomware, malware ]
PGA of America's computers are locked by a ransomware.
-
HauteLook
August 7, 2018
•
[ leak, retail ]
In mid-2018, the fashion shopping site HauteLook was among a raft of sites that were breached and their data then sold in early-2019. The data included over 28 million unique email addresses alongside names, genders, dates of birth and passwords stored as bcrypt hashes. The data was provided to HIBP by dehashed.com.
-
Rbx.Rocks
August 6, 2018
In August 2018, the Roblox trading site Rbx.Rocks suffered a data breach. Almost 25k records were sent to HIBP in November and included names, email addresses and passwords stored as bcrypt hashes. In July 2019, a further 125k records emerged bringing the total size of the incident to 150k. The website has since gone offline with a message stating that "Rbx.Rocks v2.0 is currently under construction".
-
RAF Airwoman
August 4, 2018
An RAF airwoman has her Tinder profile hacked. The attackers use the hacked profile to steal secrets of Britain's new F-35 Lightning II stealth fighter.